CVE search
367,151 resultsCVE-2023-54365HIGHTraefik - Denial of Service via HTTP/2 Request HandlingEPSS 0.6%CVE-2026-10711HIGHRCE in Akınsoft's CafePlusEPSS 0.2%CVE-2026-44089CRITICALBuffer Overflow in Totolink EX1200L routerEPSS 0.2%CVE-2026-4983MEDIUMOpen VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xmlEPSS 0.2%CVE-2026-11374CRITICALAccount Takeover via Predictable SSO Ticket GenerationEPSS 1.2%CVE-2026-10521HIGHAuthenticated unintended access to critical program parametersEPSS 0.3%CVE-2026-9733CRITICALMojolicious::Plugin::Web::Auth::OAuth2 versions through 0.17 for Perl have an insecure default state parameterEPSS 0.3%CVE-2026-8379HIGHFrontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File DownloadEPSS 0.2%CVE-2026-8378MEDIUMFrontend File Manager Plugin <= 23.6 - Subscriber+ Stored Cross-Site Scripting via File RenameEPSS 0.1%CVE-2026-8172HIGHSimple Basic Contact Form <= 20250114 - Reflected XSSEPSS 0.2%CVE-2026-8163HIGHInfility Global < 2.15.19 - Subscriber+ SQL Injection via order ParameterEPSS 0.2%CVE-2026-7842MEDIUMInfility Global < 2.15.20 - Editor+ SQL Injection via orderby ParameterEPSS 0.2%CVE-2026-12866CRITICALAll versions of the package expr-eval are vulnerable to Code Execution via the toJSFunction() API. An attacker can execute arbitrary JavaScrEPSS 0.5%CVE-2026-55654LOWOpenssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel terminationEPSS 0.4%CVE-2026-55655MEDIUMOpenssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versionsEPSS 0.1%CVE-2026-55653MEDIUMOpenssh: double free in red hat enterprise linux versions of openssh dh-gex client path during fips known-group validation leads to client-side denial of serviceEPSS 0.2%CVE-2026-11833HIGHOverview:
A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server settingEPSS 0.2%CVE-2025-61020HIGHAn issue in the sqlo_strip_in_join component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) viaEPSS 0.5%CVE-2025-55639MEDIUMGPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gf_isom_add_track_kind() function at isomedia/isom_write.c. ThiEPSS 0.4%CVE-2025-61029HIGHAn issue in the sqlo_untry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via craftedEPSS 0.4%